Пример #1
    def logout(session_id: str):
        """Log the user out by deleting the matching session row.

        Args:
            session_id (str): session UUID.

        """

        database = DataBase()
        orm_session = database.create_session()
        matching_rows = orm_session.query(
            database.Session).filter_by(uuid=session_id)
        # The number of deleted rows is not inspected, so an unknown UUID is
        # silently ignored rather than reported to the caller.
        matching_rows.delete()
        orm_session.commit()
Пример #2
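        def wrapper(*args, **kwargs) -> web.Response:
            """Authorize the caller against the role model, then call the wrapped method.

            The session UUID is taken verbatim from the ``Authorization`` header
            of the request, which must be the second positional argument.

            Args:
                *args (tuple): Tuple with nameless arguments;
                **kwargs (dict): Dict with named arguments.

            Returns:
                Result of called wrapped method.

            Raises:
                HTTPUnauthorized: 401 HTTP error, if user session is expired or not found;
                HTTPForbidden: 403 HTTP error, if access denied.

            """
            # Local import: the file's import block is not visible from here.
            from datetime import datetime

            request = args[1]
            session_id = request.headers.get('Authorization')

            if not session_id:
                raise web.HTTPUnauthorized(text='Unauthorized request')

            db = DataBase()
            db_session = db.create_session()
            session = db_session.query(
                db.Session).filter_by(uuid=session_id).first()

            if not session:
                raise web.HTTPUnauthorized(
                    text='Session expired. Please, sign in again')

            # The docstring promises a 401 for expired sessions, but only the
            # existence of the row used to be checked, so a stale session UUID
            # kept authorizing requests. The comparison mirrors the
            # authentication wrapper on this page (naive local time).
            # Assumes db.Session.exp_dt is always set -- TODO confirm.
            if session.exp_dt < datetime.now():
                raise web.HTTPUnauthorized(
                    text='Session expired. Please, sign in again')

            role = session.user.role

            if not role:
                raise web.HTTPForbidden(text='User is not attached to role')

            # The policy is keyed on the bare function name, so two handlers
            # with the same __name__ share one Method row.
            method = db_session.query(
                db.Method).filter_by(name=func.__name__).first()

            # NOTE(review): when no Method row exists (method is None) the role
            # check is skipped, i.e. unregistered handlers are open to every
            # session whose user has a role. Confirm that default-allow is
            # intended; default-deny would require every handler to be
            # registered.
            if method and not method.shared:
                if not any(rel.role_id == role.id for rel in method.roles):
                    raise web.HTTPForbidden(text='Access denied')

            return func(*args, **kwargs)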
Пример #3
    def add_method(method_name: str):
        """Register a method name in the role model.

        Args:
            method_name (str): Method name.

        Raises:
            SystemError: if method exists.

        """

        database = DataBase()
        orm_session = database.create_session()
        same_name = orm_session.query(database.Method).filter_by(name=method_name)

        # NOTE(review): the lookup and the insert are separate statements, so
        # two concurrent calls can both pass this check; only a unique
        # constraint on the name column (schema not visible here) would stop
        # a duplicate row.
        if same_name.first():
            raise SystemError(f'Method {method_name} already exists')

        new_method = database.Method(method_name)
        orm_session.add(new_method)
        orm_session.commit()
Пример #4
    def add_role(role_name: str):
        """Create a role with the given name.

        Args:
            role_name (str): Role name.

        Raises:
            SystemError: if role exists.

        """

        database = DataBase()
        orm_session = database.create_session()
        same_name = orm_session.query(database.Role).filter_by(name=role_name)

        # NOTE(review): check-then-insert is not atomic; uniqueness of role
        # names ultimately depends on a database constraint (schema not
        # visible here).
        if same_name.first():
            raise SystemError(f'Role {role_name} already exists')

        new_role = database.Role(role_name)
        orm_session.add(new_role)
        orm_session.commit()
Пример #5
        def wrapper(*args, **kwargs) -> web.Response:
            """Authenticate the request by its session, then call the wrapped method.

            The session UUID is read from the ``Authorization`` header of the
            request (second positional argument). On success the wrapped
            method receives the session owner's id as the ``user_id`` keyword.

            Args:
                *args (tuple): Tuple with nameless arguments;
                **kwargs (dict): Dict with named arguments.

            Returns:
                Result of called wrapped method.

            Raises:
                HTTPUnauthorized: 401 HTTP error, if user session is expired or not found.

            """

            expired_text = 'Session expired. Please, sign in again'

            http_request = args[1]
            token = http_request.headers.get('Authorization')

            if not token:
                raise web.HTTPUnauthorized(text='Unauthorized request')

            database = DataBase()
            orm_session = database.create_session()
            stored = orm_session.query(
                database.Session).filter_by(uuid=token).first()

            # Unknown and expired sessions get the same message, so a client
            # cannot tell the two cases apart.
            if not stored:
                raise web.HTTPUnauthorized(text=expired_text)

            # Naive local-time comparison; presumably exp_dt is stored the
            # same way -- verify against the code that creates sessions.
            if stored.exp_dt < datetime.now():
                # The expired row is removed before the request is rejected.
                orm_session.delete(stored)
                orm_session.commit()
                raise web.HTTPUnauthorized(text=expired_text)

            # Any caller-supplied user_id keyword is overwritten with the id
            # bound to the session.
            kwargs['user_id'] = stored.user_id

            return func(*args, **kwargs)
Пример #6
    def delete_method(method_name: str):
        """Remove a method and its role relations from the role model.

        Args:
            method_name (str): Method name.

        Raises:
            SystemError: if method does not exist.

        """

        database = DataBase()
        orm_session = database.create_session()
        target = orm_session.query(
            database.Method).filter_by(name=method_name).first()

        if not target:
            raise SystemError(f'Method {method_name} is not found')

        # Relation rows go first, then the method itself; both deletions are
        # committed together.
        relations = orm_session.query(database.MethodRole)
        relations.filter_by(method_id=target.id).delete()
        orm_session.delete(target)
        orm_session.commit()
Пример #7
    def delete_role(role_name: str):
        """Remove a role that no user holds, together with its method relations.

        Args:
            role_name (str): Role name.

        Raises:
            SystemError: if role does not exist, if role has users.

        """

        database = DataBase()
        orm_session = database.create_session()
        target = orm_session.query(
            database.Role).filter_by(name=role_name).first()

        if not target:
            raise SystemError(f'Role {role_name} is not found')

        # A role still held by users is never deleted, so no user is left
        # pointing at a missing role.
        if len(target.users) > 0:
            raise SystemError("You can't delete role with users")

        relations = orm_session.query(database.MethodRole)
        relations.filter_by(role_id=target.id).delete()
        orm_session.delete(target)
        orm_session.commit()
Пример #8
        # Fragment of a sign-up routine: the signature and the earlier
        # validation steps are not part of this listing.
        # PASSWORD_REGEX is defined elsewhere; the error text is the only
        # description of the policy visible here.
        if not PASSWORD_REGEX.match(password):
            raise ValueError(
                'Invalid password. Password should contain letters, digits and will be 8 to 50 characters long'
            )

        if password != confirm_password:
            raise ValueError('Passwords are not match')

        # surname is optional; only a non-empty value is stripped.
        if surname:
            surname = surname.strip()

        # NOTE(review): hash_sha512 is not shown. If it is a plain, unsalted
        # SHA-512 digest, it is a fast hash and a poor fit for password
        # storage: a leaked table can be attacked offline at high speed and
        # equal passwords give equal hashes. A password KDF with a per-user
        # salt (Argon2id, scrypt, bcrypt or PBKDF2) is the usual choice --
        # confirm what HashAPI does.
        hashed_password = HashAPI.hash_sha512(password)

        db = DataBase()
        db_session = db.create_session()
        existed_user = db_session.query(db.User).filter_by(email=email).first()

        # NOTE(review): the message confirms that the address is registered;
        # if it is returned to the client unchanged, sign-up can be used to
        # enumerate accounts.
        if existed_user:
            raise SystemError(f'User with email {email} already exists')

        # Every new account starts with the "visitor" role. first() yields
        # None when no such role row exists, in which case the user is
        # created with role=None.
        role_visitor = db_session.query(
            db.Role).filter_by(name="visitor").first()
        db_session.add(
            db.User(email, hashed_password, name, surname, role=role_visitor))
        db_session.commit()

    @staticmethod
    def signin(**kwargs) -> str:
        """Sign in user.